隐私政策

Data protection and Data management Policy of
Com-Ware Publishing Ltd.
for the SmartNetworking™ recruitment portal system

I. The aim of the Data protection and data management Policy

The aim of the present Data protection and data management Policy is to lay down the data
protection and management principles applied by Com-Ware Publishing Ltd. (6, Szivárvány street,
2040 Budaörs, Hungary, Postal address: POB: 317. H-2041 Budaörs, Hungary,
hereinafter: the Company) and the data protection and management policy, which is recognized by the Company as binding. The Company as a Data manager undertakes to ensure that all data management related to its activity meets the requirements of the applicable law.

When drawing up the present rules the Company took into special account the regulations of the next laws:

• LXIII. law of 1992 – on the protection of persona data and publicity of data of public interest;
• CXIX. law of 1995 – on the treatment of name and address data for the purpose of research and direct marketing;
• VI. law of 1998 – on the protection of individuals during mechanical process of their personal data, the Treaty proclaimed on 28 January 1981 in Strasbourg;
• CVIII. law of 2001 – regarding certain aspects of electronic trade and information society-related services;
• XLIII. law of 2008 – on the basic conditions and certain limitations of marketing advertising;
• CXII. law of 2011 – on informational self-determination right and freedom of information ("Infotv."); and the
• EU-679/2016 – General Data Protection Regulation (GDPR).

The aim of the present Policy is to ensure the services provided by the Company in all areas, for all individuals, regardless of their nationality or residence, and to respect their rights and fundamental freedom, especially their right to privacy during the mechanical processing of their personal data (data protection). Company declares that it respects the personal rights of the partners, clients and the visitors of their websites. It handles the recorded data confidentially, according to the data protection law and international recommendations, complying with the present data management policy and takes all the safety, technical and organising measures that guarantees the data safety.

II. Concept Definitions

Automatized data file: A set of data to be processed automatically;

Data or Personal data: The data which can be associated with a defined natural person (hereinafter: involved), conclusion can be drawn from the data concerning the involved. The personal data preserves this quality during data management until its connection with the involved can be recovered; Any information regarding a natural person, a legal person, an institution or an association, which is, or can be, identified, even indirectly, by reference to any other information, including a personal identification number.

Data deletion: Making the data unrecognizable in a way their recovery is impossible;

Data destruction: The total physical destruction of the storage media which contains the data;

Data file: The sum of the data managed in one register;

Data management: Regardless of the applied proceeding any operation or the total of operations carried out on personal data, especially the collection, adding, recording, systematization, storage, change, use, query, transfer, publishing, coordination, locking, deletion and destruction, or the prevention of further data usage; The data management of the Company is carried out by the Company itself, it does not use any external storage media.

Data manager: The natural or legal person and organization without legal personality, who or which defines the aim of data management individually or together with others, makes and implements decisions concerning data management (including the equipment used), or implements it by the data processor;

Data processing: The completion of data managing operations and technical tasks regardless of the methods and devices applied for the completion of the operations, and of the place of application, assuming that the technical task is carried out in connection with the data.

Data processor: The natural or legal person and organization without legal personality, who or which carries out the processing of the personal data on behalf of the data manager;

Data publishing: When they make the data accessible by anyone;

Data transfer: When they make the data accessible by a defined third person;

Mechanical processing: Contains the following procedures if they are carried out partly or fully automatized devices: data storage, logical or arithmetic operations of the data, changing, deleting, retrieving and spreading the data.

System: The total of technical solutions operating the available webpages and services of the Data managers and their partners.

Third Person: Means such individual or legal person, or organisation with no legal personality that is not identical with the Partner, the Data Manager or the Data Processor.

User: The natural person who using one of the Company’s services (SmartNetworking™ System, 9x5) provided by Com-Ware Publishing Ltd., and provides any of data listed in point III.

IV. The range of other data managed by the Company (log files)

4.1 The data to be recorded technically during the operation of the systems: the data of the User's login computer, which are generated during the usage of the service, and which are recorded as automatic results of technical operations by the system of the Data manager. The automatically recorded data are logged automatically by the system without any special statement or act of the User at signing in and out. Only the Data manager can access the data.

V. About cookies

5.1 The Company in favour of personalized serving places a small data package (so called "cookie") on the User's computer. The aim of the cookie is to provide the higher level of operation in order to increase the user experience. The User can delete the cookie from his/her own computer, and s/he can configure the browser to disable the application of cookies.

5.2 To improve your user experience we use cookies and those cookies may be stored on your computer when you visit our website(s).

5.3 We use Google Analytics to analyse the use of our website(s). Google Analytics gathers information about
website(s) use by means of cookies. The information gathered relating to our website(s) is used to create
reports about the use of our website(s). Google's privacy policy is available at:
https://www.google.com/policies/privacy/

5.4 Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links:

5.5 Blocking all cookies will have a negative impact upon the usability of many websites.

5.6 By disabling the application of cookies the User acknowledges that without cookies the operation of the given website is not complete.

VI. The legal basis, aim and method of data management

6.1 The data management is carried out based on the statement with voluntary, proper information base of the Company's Users, which statement contains the explicit consent of the Users to the management of their personal data provided during the usage of the website and of their generated data as well. The legal basis of the Data management, based on the a) point of (1) paragraph of article 5 of Infotv. is the voluntary consent of the involved.

6.2 The aim of managing the automatically recorded data is to ensure the services available via the websites of the Company, to show personalized contents and advertisements, to create statistics, to develop the IT system technically, and to protect the rights of users.

6.3 The Data manager cannot use the provided personal data for aims different than the ones described in these points. The release of Personal data to a third party or to the authorities - unless a law disposes about it differently with binding force - can only be possible based on official decision, or on the preliminary, direct consent of the User.

6.4 The Data manager does not check the received Personal data. Only the data provider is responsible for the conformance of the provided data.

6.5 By providing an e-mail address the User takes responsibility for the fact that via the given e-mail address s/he is the only one who uses the service. Having regard to this responsibility, only the User is responsible for the sign ins carried out by the given e-mail address who registered the given e-mail address.

VII. The principles of data management

7.1 Personal data can only be obtained and processed fairly and legally.

7.2 Personal data can only be stored for defined and legal aims, and it cannot be used in a different way.

7.3 The Personal data has to be proportional to the aim of the storage, and must comply with this aim, they cannot exceed it.

7.4 The appropriate security measures has to be done in order to protect the Personal data stored in the automatized data files by preventing accidental or unlawful destruction, accidental loss, unlawful access, modification or spreading.

7.5 The personal data can be handled by the Company if

a) the concerned party gives his/her consent, or

b) the law stipulates so – or based on the authorisation by law in the pre-defined scope – the decree of the local self-government for a purpose that is based on public interest (mandatory data management).

7.6 The personal data can be managed only for certain purposes, in order to exert the right or meet an obligation. Every phase of the data management shall correspond to the purpose, and the recording and management of the data shall be correct.

7.7 Only those personal data can be managed that are indispensable or the realisation of the purpose of the data management, hey are suitable to reach the objective, and only at the extent and for the time required to realise the objective.

7.8 The personal data can be handled only through consent that is based on proper briefing.

7.9 Before commencing the data management the concerned party shall be informed whether the data management is based on consent or it is mandatory. The concerned party shall be informed clearly and in detailed form about the facts related to the data management, with special regard to the purpose and legal grounds of the data management, the person entitled to handle or process the data, the duration of data management, the concerned party shall be informed if the personal data are handled by the data manager with the concerned party’s consent and for the purpose of meeting the legal obligation related to the data manager or for enforcing the righteous interest of a third party, and he shall also be informed about the people who can have access to the data. The information shall cover the concerned data management-related rights and possibilities of legal remedies, too.

7.10 During the data management one shall assure that the data are accurate, complete, up-to-date and the concerned party can be identified only or the time required for the purpose of data management.

7.11 The employees who handle data at the Company’s organisational units shall handle the obtained personal data as business secrets. The people who are managing the personal data and have access to them are obliged to make a confidentiality statement.

VIII. Data protection directives applied by the Company

8.1 The indispensable Personal data for using the services of the Company are used based on the contribution of the involved, solely tied to the aim.

8.2 The Company as Data manager undertakes to manage the received Personal data according to the provisions of the Infotv. and to the data protection principles laid down in the present Policy, and does not give it to a third party apart from the Data manager defined in the present Policy.

The usage of Personal data in statistically aggregated form is an exception from the provision defined in the present part, which cannot contain the included User's name or any other data suitable for identifying in any form, thereby it is not qualified as Data management, nor as Data transfer.

8.3 In certain cases - in case of official court, police requests, legal proceedings because of copyright, property or other infringement or their reasonable suspicion and therefore the violation of the Company's interests, jeopardising of service providing, etc. - the Company can make the Personal data of the involved User available for third parties.

8.4 The system of the Company can collect data of the Users' activity, which cannot be linked to the other data given by the Users at registration, nor to the data generated during the usage of other websites or services.

8.5 The User must be informed about the aim of the Data management and about who will manage and process the provided data. The information on Data management is carried out when a law disposes on the already existing Data management - on Personal data collection by transfer or linking.

8.6 In every case when the Company intends to use the provided data for other aims than the original purpose of the data collection, s/he has to inform the User about it, and for this the preliminary, explicit consent is needed, and the Company provides an opportunity for the User to prohibit the usage.

8.7 The Company as Data manager complies with the restrictions laid down by laws during the collection, recording and managing of the Personal data in any case.

8.8 The Company undertakes to take care of the safety of Personal data and to take the technical and organizational measures and creates those rules of procedure, which provide the security of the recorded, stored and managed Personal data, and which prevents their demolition, unauthorized use, and unauthorized change. It also undertakes to call upon every third party to whom the Personal data can be transferred or given to fulfil this obligations in this respect.

8.9 The Data manager locks the Personal data when the involved requests it, or based on the available information it is presumable that the deletion would affect the legitimate interests of the involved. The Personal data locked in this way can be managed until the data management aim, that excluded the deletion of the personal data, exists.

8.10 The involved User and all should be informed about the correction, locking and deletion of managed Personal data, for whom the data was transferred before with Data transfer purposes. The notice can be omitted in case the legitimate interest of the involved is not violated in respect of the aim of Data management.

IX. The duration of data management

9.1. The management of the Personal data provided by the User persists as long as the User does not unsubscribe from the service with the given username, and requests the deletion of the data at the same time. The date of deletion is within 10 workdays from the receipt of the User's request for deletion. In this case the data is deleted at every Data manager defined in the present Policy.

In case of unlawful, deceptive use of Personal data, crimes committed by the User or attack on the system the Data manager is entitled to immediately delete the data of the User at the same time when the registration is terminated, however - in case of suspicion of crime or civil liability - the Data manager is entitled to preserve the data during the duration of the procedure to be prosecuted.

9.2 The Personal data provided by the User - even in case the User does not unsubscribe from the service or by deleting the registration s/he only terminated the sign in option, the experiences / comments in them will be preserved - can be managed by the Company as Data manager until the User specifically requests the abolition of their management in writing. The User's right to use the service is not affected by the request without unsubscribing the service, but it may occur that in absence of Personal data certain services will not be available for use. The data will be deleted within 10 workdays from the receipt of the request.

9.3 The Personal data which are recorded technically during the operation of the system are stored in the system for a period appropriate in respect of providing the operation of the system beginning with the date of generation. The Company ensures that these automatically recorded data cannot be linked to other personal user data - except for the cases bound by the law. If the User terminated his/her consent to Personal data management, or unsubscribed from the service, then his/her identity will not be identifiable based on the technical data - excluding investigating authorities and their experts.

X. SignUp to the recruiting portal as a User

10.1 Some services of the Company's SmartNetworking™ recruitment portal system are available only for registered users.

10.2 The objective of data management: Register of website users who created any recruiting site, personalized service, retention of previous orders, and recruiting pages already created.

10.3 The legal basis of data management: The concerned party’s voluntary consent and the paragraph 13/A & 14. of the 2001/CVIII act on certain aspects of information society services.

10.5 Duration of data management: In the case of registered users (whose subscription has expired or has not yet paid for the service): 12 months from the last login: In the case of an unconfirmed signup: up to 30 days from unconfirmed registration request. In the case of a continuous subscription, the management of the Personal data provided by the User persists as long as the User does not unsubscribe from the service with the given username, and requests the deletion of the data at the same time. Data management is terminated when the user is unsubscribed with the given user name and at the same time asks for the data to be deleted. The date of deletion is within 10 workdays from the receipt of the User's request for deletion.

XI. Rules for sending newsletters

11.1 Pursuant to the paragraph 6. § of the 2008/XLVIII act on the basic conditions and certain limits of the business promotion activity the User is giving his/her consent in advance so that the Company can contact him/her with ads, other consignments through the contact details provided at the registration (e.g. electronic e-mail address or phone number).

11.2 In addition by considering the provisions of the present information the Customer approves that the Company can handle his personal data required to send promotion material.

11.3 The Company does not send unsolicited ads and the User can unsubscribe free of charge from the promotions without restriction and justification. In this case the Company is deleting all the personal data from the register that are required to send the ads and the User won’t be connected with further ads. User can subscribe from the ads by clicking the link in the message.

11.4 The objective of data management: sending electronic newsletters to the User with economic ads, information about the current products.

11.5 The legal basis of data management: The concerned party’s voluntary consent and the paragraph 6. § (5) of the 2008/XLVIII act on basic terms and conditions of the business ads as well as the certain limits.

11.6 The range of managed data: name, e-mail address, date, time.

11.7 Duration of data management: till the approving statement’s withdrawal that is the unsubscribing.

XII. Signups via recruiting sites

12.1 On the recruiting page(s) a „Get more information” signup form is accessible for Prospects.

12.2 The Prospect - if s/he would like to contact the maintainer of the recruiting site (user) acknowledge and agree that the operator (Company) will forward their personal data to the maintainer of this recruiting web site (user) as a third party!

12.3 The objective of data management: Answering questions to the person (prospect) who gave their contact information.

12.4 The legal basis of data management: Voluntary consent of the person concerned.

12.6 Duration of data management: The management of the Personal data provided by the the Prospect persists as long as the related User uses this service at our Company, or the prospect does not unsubscribe from the service with the given email address. The date of deletion is the approving statement’s withdrawal that is the unsubscribing. Data management will also delete immediately if the User deletes the website where the Prospect gave their contact information.

XIII. Provision of personal data

13.1 The changes of Personal data can be set or modified in the „My Profile” page(s) belonging to specific services. At the same place there is an option for deleting Personal data and subsribe/unsubscribe to Newsletters.

13.2 The newsletters of the Company can be waived at the unsubscribe links in them.

13.3 Following the completion of demands regarding the deleting or modifying the Personal data the previous (deleted) data cannot be restored.

13.4 The Users can request information about the management of their Personal data from the Company as Data manager at any time in writing, via a registered or certified letter sent to the address of the Data manager, or via e-mail sent to info@smnets.com e-mail address. The request for information is considered as authentic by the Company, if based on the sent request the User can be identified clearly. The request for information sent in e-mail can only be considered as authentic by the Data manager, if it was sent from the registered e-mail address of the User. The request for information can cover the data of the User managed by the Data manager, their sources, the aim, legal basis, duration of Data management, the names and addresses of possible Data managers, the activities related to Data management, and in case of Personal data transfer who and for what purpose did they get the data of the User.

13.5 For the questions in connection with Data management the Data manager is obliged to answer within 15 workdays from the receipt. In case of an e-mail the first workday after the sending shall be considered as the date of receipt.

XIV. Data processing

14.1 The Company does not apply any particular external Data processors. The personal data managed by the Company is processed by it if required.

XV. External Companys

15.1 The Company can cooperate with external Companys who facilitates the registry and sign in during the usage of certain services (e.g. Facebook Inc., Google Inc., hereinafter: "External Company"). In the system of the External Companys in respect of the data provided there the external Companys' privacy policy is governing.

15.2 Within the framework of each services in respect of contents made available and shared on different social networks the External Company is qualified as the manager of Personal data who makes the sharing of the content possible, and for its activities its own terms of use and privacy policy are governing. Such external intermediary services are for example: Facebook, Google, Pinterest, Tumblr, Twitter, Instagram, Snapchat, LinkedIn.

15.3 The Company can transfer certain Personal data provided by the User to an External Company in connection with the operation of the service, but the transferred data can only be used by the External Company for aims defined in the present Policy.

XVI. The possibility of data transfer

16.1 The Company as Data manager is entitled and obliged to transfer all available and properly stored Personal data to the competent authority, for which data transfer the Company is bound to by law or by legally binding magisterial obligation. Because of such Data transfer and consequences derived from it the Data manager cannot be held responsible.

16.2 In case the Company transfers the operation or utilization of the content delivery and hosting services of its websites partly or fully to a third party, then the data managed by the Company can be fully transferred to this particular third party without asking for a special contribution for further management. This Data transfer cannot put the User at a more disadvantaged situation than the prevailing data management regulations laid down in the present Policy.

16.3 The Company keeps a data transfer record in order to check the legality of Data transfer, and to inform the involved.

XVII. Data safety, storing personal data

17.1 The IT systems and other data retention places of the Company can be found in the server rooms of 3 in 1 Hosting LP. as a webhosting service provider.

17.2 The Company selects and manages the IT tools used to handle personal data in the provision of the service that provide the server with the information that it manages:

- only accessible to authorized persons
- be protected against unauthorized access
- data modifications can be traced

17.3 The computer system and network of the Company and the webhosting service provider are both protected against computer-aided fraud, espionage, sabotage, vandalism, fire and flood, as well as attacks against computer viruses, computer burglaries, and denial of service. The operator provides security through server-level and application-level security procedures.

17.4 The Company makes all the safety steps, takes all the organisational and technical measures for the highest possible safety of the personal data respectively in order to prevent their unauthorised modification, termination and use.

17.5 The Company takes all the necessary measures for assuring the data integrity meaning is the accuracy, completeness and up-to-date status of the personal data that are either handled and/or processed by him.

17.6 The service is protecting the data with proper measures, with special regard against unauthorised access, modification, forwarding, disclosure, deletion or annihilation as well as for preventing the accidental annihilation, corruption and the inaccessibility due to the modification of the applied technique.

17.7 Thus the Company sustains the right that if there are security gaps in the system of his customers or partners, then he will inform his partners and customers accordingly, and simultaneously till the elimination of the security gap he will restrict the access to the Company’s system, services or certain functions.

17.8 The Company performs daily saving of the active data of the databases that contain the personal data.

17.9 The Company keeps caring for the virus protection.

17.10 The data, access to the databases handled on the server shall be secured with name and password.

17.11 In addition, the Company provides organizational measures to protect the security of data management and unauthorized access.

XVIII. The modification of Data Management Policy

18.1 The Company preserves the right to itself to modify the present Data Management Policy at any time with a unilateral decision.

18.2 The User accepts the prevailing provisions of the Data Management Policy with the next sign in, there is no need to ask for the permission of each Users.

XIX. Copyright Notice

19.1 Copyright and other relevant intellectual property rights exists on all text, videos and sound/voice recordings relating to the Company’s services and the full content of this website.

XX. Declaration of Other Trademarks

20.1 The trademarks and logos displayed on SmartNetworking™ System affiliate websites and 9x5.eu webpage are used solely to identify a given network or company.

20.2 SmartNetworking™ System offers web services for network marketing representatives, agents, independent business owners, product distributors and independent consultants. SmartNetworking™ System's web services are not officially endorsed, sponsored, and / or associated with any of the trademark / logo owners.

XXI. Links from this website

21.1 The SmartNetworking™ system’s websites contain related links to other websites that provide information, products, or services that may interest you. We do not monitor or review the content of other party’s websites which are linked to from SmartNetworking™ system’s websites.

21.2 Please be aware that we are not responsible for the privacy practices, or content, of these sites. We encourage our users to be aware when they leave our site & to read the privacy statements of these sites.

21.3 You should evaluate the security and trustworthiness of any other site connected to this site or accessed through this site yourself, before disclosing any personal information to them. My Company will not accept any responsibility for any loss or damage in whatever manner, howsoever caused, resulting from your disclosure to third parties of personal information.

XXIII. Law enforcement opportunities

23.1 User may object against the management of his personal data if

a) the handling or the forwarding of the personal data is required exclusively to meet the legal obligation of the Company or to enforce the righteous interests of the Company, data receiver or third party except when the data handling was ordered by the law;

b) the personal data are used or forwarded with the purpose of direct business making, research of public opinion or scientific research;

c) in other cases stipulated by law.

23.2 Company is analysing the objection within the shortest possible time but in maximum 15 days considered from the submittal of the application, makes a decision regarding its grounds and informs the concerned party in writing. If the Company finds that the concerned objection is justified, it is terminating the data management – including the further data recording and data forwarding -, and it is blocking the data and it is notifying everybody about the objection and the related measures to who, it had earlier forwarded the objection-related personal data and those who are obliged to take measures in order to enforce the objection right.

23.3 If the User does not agree upon the Company’s decision, he may turn to the court – in 30 days form announcement.

23.4 If the User’s rights are hurt the User can turn to the court against the Company. In this issue the court is proceeding out of turn. The legal remedy can be obtained from and complaints can be submitted to the „National Authority for Data Protection and Information Liberty”:

23.5 With any questions and remarks in connection with data management can be sent to the colleagues of the Data manager at info@smnets.com e-mail address.

XXIV. Checking of Data Management Policy

24.1 The compliance with the data-protection-related provisions, with special regard to the compliance of the provisions of the present policy shall be checked continuously by the managing director that perform the data handling at the Company.

24.2 At the Company the checking of the handled data are checked once a year by the managing director and/or the assigned data protection commissioner.

XXV. Web version of Data Management Policy

25.1 The current version of our Data Management Policy is available at: